PaulDotCom mailing list archives
Re: extracting MSSQL from a pcap
From: c1b3rh4ck <c1b3rh4ck () gmail com>
Date: Thu, 28 Nov 2013 10:25:23 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El 26/11/2013 02:28 p.m., Robin Wood escribió:
On 26 Nov 2013 18:58, "c1b3rh4ck" <c1b3rh4ck () gmail com> wrote:El 25/11/2013 06:09 p.m., Robin Wood escribió:I've got a pcap which contains unencrypted MSSQL traffic, can anyone recommend an app which will extract all the SQL? I can see it in Wireshark but it isn't decoding it for some reason, if I save the packets as text I can manipulate it into mostly readable form by some simple replaces but would rather a nice clean extraction, especially as I know this has usernames and passwords in. Robin _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.comHi, You can use python libraries to parse the content,take a look at scapy :) Best regards .Does Scapy have a dissector for MSSQL/TDS?
Hi , i'm not pretty sure but i could think yes :)
Robin------------------------------ Debian User Penetration Testing Colombian Security Enthusiast Paranoid Security Addict LinuxUser #506301 ------------------------------------ Quien se infiltra en la oscuridad,es Quien encuentra la verdad .Lao Tse_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
- ------------------------------ Debian User Penetration Testing Colombian Security Enthusiast Paranoid Security Addict LinuxUser #506301 - ------------------------------------ Quien se infiltra en la oscuridad,es Quien encuentra la verdad .Lao Tse -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJSl2BiAAoJEH744K9jmDitNyQH/14vNvK/qHjlHOCemXl62foG lE9Qtaezl0V3piP5HpC4MO0bqwgcIJZabQaez/31aR23So3eK4FX69c+CJtIk36n 1df5Mnv16fhLY6zhaRqasb4AqujS2BqtFgq1QnlxnSjWy/gNAPpWzFfCDdGre8+K vfFJyNd3FNudhdj4B1yXzN4VfZKsWtWq1efrfyGNesfPzbyJ4jrox1fsqh/cJcIg Qc8BKBU3PkdgNJOvOnyPvO8NgRYYDUvlwzvwpmg5knA5xmF3KcO/0D53CWWUlSam yKrQtdFm370Ac1omqK31CTCoHcTXis5Iogg7fb1sUzP5EiZOBF6Skw+4K2MNsnY= =CRdG -----END PGP SIGNATURE----- _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- extracting MSSQL from a pcap Robin Wood (Nov 26)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 26)
- Re: extracting MSSQL from a pcap Robin Wood (Nov 27)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 28)
- Re: extracting MSSQL from a pcap Erik Hjelmvik (Nov 29)
- Re: extracting MSSQL from a pcap Robin Wood (Dec 02)
- Re: extracting MSSQL from a pcap Robin Wood (Dec 02)
- Re: extracting MSSQL from a pcap Erik Hjelmvik (Dec 04)
- Re: extracting MSSQL from a pcap Robin Wood (Nov 27)
- Recommendations for a Linux tool-writing approach? Glen Roberts (Dec 02)
- Re: Recommendations for a Linux tool-writing approach? Robin Wood (Dec 03)
- Re: Recommendations for a Linux tool-writing approach? Frank Michael (Dec 04)
- Re: Recommendations for a Linux tool-writing approach? Jason Drury (Dec 10)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 26)
- Re: Recommendations for a Linux tool-writing approach? Jamil Ben Alluch (Dec 03)
- Re: Recommendations for a Linux tool-writing approach? xgermx (Dec 03)